b2ap3 large hacked site2I work with a number of small businesses, providing communications coaching and technical support.  A difficulty for small businesses is prioritizing what's important and what's a good return on investment out of the myriad of claims being made on a limited day and a tight budget.  In a digital, always-on world, paying short shrift to your website should not be one of those priorities.  I recently got a call from a small business I'd built a site for.  After providing them with training on how to use it, including the back end or site administrator area, I recommended that they contract with Integrated Media Strategies for technical and marketing communications support.  I told them that if they didn't use my services, they should either ensure they kept the site up to date or found someone else. They turned me down.  I understand that there may be some disbelief after the site is up at the need for ongoing support.  After all, it's up, right?  It still has that new car smell.


But like new cars, changing out the oil and air filters and keeping everything nice and tight is an important part of ensuring it keeps running and doesn't break down.  What new cars don't have to contend with that websites do is the lucrative trade on the dark net of a network of sites infected with malware, disseminating spam, or generating real traffic to sites elsewhere from clickbait. 

During the course of the year, I got back to the former client several times after I saw the site languishing.  But there comes a time where you have to take them at their word that they don't need your help.  So it came as a surprise when I received a call because 'Google has blacklisted my site'.  It had been hacked.   I took a look at the site and came back with a time estimate to clean up the site.  In addition to some fairly sophisticated malware problems, every single article had been compromised.  Making it worse, the site had been left like that for more than 30 days, making a month's worth of daily backups equally compromised.

When he heard the price to clean up the malware and restore the site, my former client became angry.  "I expected the site to keep working."  I referenced the sentences in the written proposal I'd sent a year before in which I spelled out the likely consequences of an unpatched site.  I'd forwarded the same proposal more than once. "I didn't read it", he confessed.  A week later, his site was back up.  It was fully patched, fully up to date, and had a security extension protecting the back end from intrusions.  In the first day after the site administrator was password protected, there were more than 30 attempts to gain access and a variety of stack overflow injection attempts.  My client was getting those emails, too. 

So in 2017 I'll be working with him to make his site do what it's supposed to do - bring him business, build his brand, differentiate him from his competitors.  Unfortunately, it took a hack and a wasted year to gain insight into what his site could have been doing for him. 



Site by Integrated Media Strategies

Marketing communications solutions for your world


This site uses cookies. Select ACCEPT to accept this. Click MORE to be taken to our privacy policy page.